/etc/hosts.allow: One of the two access control files for TCP Wrappers and libwrap

This and/or its companion /etc/hosts.deny are used by the TCP Wrappers utility (or by any program that's been linked against the libwrap libraries) to determine which services can be access by which clients (based on their host IP address, network prefix, hostname or domain).

Read the man pages: hosts.allow hosts.deny hosts_access and hosts_options for more details on the syntax and use of these files.

Do not confuse the use of TCP Wrappers and libwrap with the use of IP Tables, IP Chains, ''ipfwadm'' or other packet filtering functions. TCP Wrappers is run in user space, after a connection has already been established; it can close the connection or execute a program to use that connection. Packet filtering in Linux occurs in the kernel and can affect any protocol, not just TCP and UDP.